Question:
I need to create an IAM user with s3 permissions using cloudformation.
I havent found a solution
Answer:
Use AWS::IAM::User to create the IAM User.
Here’s a YAML template that uses Managed Policies:
|
1 2 3 4 5 6 7 8 9 10 11 |
DeveloperUser: Type: 'AWS::IAM::User' Properties: UserName: user-developer ManagedPolicyArns: - 'arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess' - 'arn:aws:iam::aws:policy/ReadOnlyAccess' - 'arn:aws:iam::aws:policy/CloudWatchFullAccess' - 'arn:aws:iam::aws:policy/AmazonVPCFullAccess' - 'arn:aws:iam::aws:policy/AmazonS3FullAccess' |
Here’s a JSON policy that has inline permissions:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
"User":{ "Type":"AWS::IAM::User", "Properties":{ "Policies":[ { "PolicyName":"S3", "PolicyDocument":{ "Statement":[ { "Effect":"Allow", "Action":[ "s3:*", ], "Resource":[ "arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*" ] } ] } } ] } } |